4 matches found
EUVD-2014-6810
Malware in sbrugna...
CVE-2014-6932
The All Navalny aka com.all.navalny application 1.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Code injection
The All Navalny aka com.all.navalny application 1.10 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-6932
CVE-2014-6932 affects the Android All Navalny app (1.10). The vulnerability is due to the app not verifying X.509 certificates in SSL/TLS, allowing MITM attackers to spoof servers and exfiltrate sensitive information via crafted certificates. Root cause: missing server cert verification during SS...